never mind. I get it! Thanks!
On May 18, 12:05 pm, Brian Lee <brianleeu...@gmail.com> wrote: > But how does this prevent user from accessing a random course? > > such as typing localhost/courses/view/123 > and hoping to see what he gets for course_id 123. > > I know that paginate would restrict what I would like to list; > however, that does not prevent the user from typing the actual url to > access (add, view, delete) the course with some random course number > that he/she did not create. > > On May 18, 10:18 am, "Gabriel A. Gonzalez" <gabriel...@gmail.com> > wrote: > > > Hi Brian, i assume that each course have an user_id right? so when you > > list, edit or view the courses just use a condition to search all the > > courses of the current user... ex: > > > $cond = array('Course.user_id' => $Current_user_id); > > $this->set('courses', $this->paginate('Course', $cond)); > > > Brian Lee escribió: > > > > So, here is how my application works: > > > > 1. I have users (just like any other apps) > > > 2. I have courses that each user can create > > > > Upon login, user will view the list of courses that she created. > > > I got that to work. > > > > However, now the problem is, I don't know the simple, neat way to > > > block user from accessing classes that she did not create. For > > > instance, Bob created courses that have IDs of 1, 2, 3. Jane has > > > courses with IDs of 4, 5, 6. How do I stop Bob from doing something > > > like localhost/courses/view/4 (trying to view Jane's course)? and > > > prevent Jane from doing the same for Bob's courses? > > > > I am sure that there is very neat way to do it, because this is a > > > problem often comes up when developing web applications. I just want > > > to know the CakePHP way of doing this. > > > > Thanks! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---